Halting Problems

An automated threat intelligence aggregator providing a central hub for supply chain attacks and actively exploited vulnerabilities.

SIEM Ingestion Feed docs
Analyses
122
Machine-readable
JSON feed
Hunting
Scripts tracked
122 analyses shown
critical5 signals

Oracle E-Business Suite Oracle Payments CVE-2026-46817 actively exploited vulnerability: actively exploited vulnerability added to CISA KEV

CISA added CVE-2026-46817 affecting Oracle E-Business Suite / Oracle Payments File Transmission to the Known Exploited Vulnerabilities catalog on 2026-07-15. This post scopes exposure, affected/fixed evidence, and IR handling without treating advisory sites as IOCs.

Signals
5
Last updated
2026-07-15
Hunting
Has script
#supply-chainenterprise-software
critical18 signals

Microsoft Active Directory Federation Services CVE-2026-56155 actively exploited vulnerability: actively exploited vulnerability added to CISA KEV

CISA added CVE-2026-56155 affecting Microsoft Active Directory Federation Services (AD FS) to the Known Exploited Vulnerabilities catalog on 2026-07-14. This post scopes exposure, fixed-version evidence, and IR handling without treating advisory sites as IOCs.

Signals
18
Last updated
2026-07-14
Hunting
Has script
#supply-chainenterprise-software
critical12 signals

SonicWall SMA1000 CVE-2026-15409 and CVE-2026-15410 actively exploited vulnerabilities: actively exploited vulnerability added to CISA KEV

CISA added CVE-2026-15409, CVE-2026-15410 affecting SonicWall SMA1000 Series Appliances to the Known Exploited Vulnerabilities catalog on 2026-07-14. This post scopes exposure, fixed-version evidence, and IR handling without treating advisory sites as IOCs.

Signals
12
Last updated
2026-07-14
Hunting
Has script
#supply-chainenterprise-software
medium4 signals

Joomlack Page Builder CVE-2026-56290: KEV exploited vulnerability

Joomlack Page Builder contains an improper access control vulnerability that could allow for remote code execution via unauthenticated arbitrary file upload. CISA added it to KEV on 2026-07-07, making it an in-scope exploited-vulnerability coverage item.

Signals
4
Last updated
2026-07-07
Hunting
Has script
#supply-chainenterprise-software
medium3 signals

Langflow Langflow CVE-2026-55255: KEV exploited vulnerability

Langflow contains an authorization bypass through user-controlled key vulnerability which allows an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in the request. CISA added it to KEV on 2026-07-07, making it an in-scope exploited-vulnerability coverage item.

Signals
3
Last updated
2026-07-07
Hunting
Has script
#supply-chainenterprise-software
medium4 signals

Microsoft SharePoint Server CVE-2026-45659: KEV exploited vulnerability

Microsoft SharePoint Server contains a deserialization of untrusted data vulnerability which allows an authorized attacker to execute code over a network. CISA added it to KEV on 2026-07-01, making it an in-scope exploited-vulnerability coverage item.

Signals
4
Last updated
2026-07-01
Hunting
Has script
#supply-chainenterprise-software